Update packages

Cargo.toml

@@ -71,34 +71,34 @@ webauthn-rs-device-catalog = { path = "./device-catalog" }
 
 async-trait = "~0.1"
 async-std = { version = "1.6", features = ["attributes"] }
-anyhow = "1.0"
-base64 = "0.21"
-clap = { version = "^4.5", features = ["derive", "env"] }
+anyhow = "1.0.100"
+base64 = "0.22.1"
+clap = { version = "^4.5.53", features = ["derive", "env"] }
 compact_jwt = "0.4.2"
 futures = "^0.3.25"
 hex = "0.4.3"
-http = "^0.2.9"
+http = "^1.3.1"
 http-body = "1.0.1"
 http-body-util = "0.1.2"
-hyper = { version = "1.5.1", default-features = false, features = ["http1"] }
-hyper-util = { version = "0.1.10", features = ["tokio"] }
-nom = "7.1"
+hyper = { version = "1.8.1", default-features = false, features = ["http1"] }
+hyper-util = { version = "0.1.18", features = ["tokio"] }
+nom = "7.1.3"
 num-derive = { version = "0.4.2" }
 peg = "0.8.1"
-openssl = "^0.10.56"
+openssl = "^0.10.75"
 openssl-sys = "^0.9.109"
 
-rand = "0.8"
-rand_chacha = "0.3.1"
-reqwest = { version = "0.12", default-features = false, features = [
+rand = "0.9.2"
+rand_chacha = "0.9.0"
+reqwest = { version = "0.12.24", default-features = false, features = [
     "rustls-tls-native-roots",
 ] }
 
-serde = { version = "^1.0.141", features = ["derive"] }
+serde = { version = "^1.0.228", features = ["derive"] }
 serde_cbor_2 = { version = "0.13.0" }
-serde_json = "^1.0.79"
-thiserror = "^1.0.37"
-tokio = { version = "1.22.0", features = [
+serde_json = "^1.0.145"
+thiserror = "^2.0.17"
+tokio = { version = "1.48.0", features = [
     "sync",
     "test-util",
     "macros",
@@ -108,16 +108,16 @@ tokio = { version = "1.22.0", features = [
 ] }
 tokio-native-tls = "^0.3.1"
 tokio-stream = { version = "0.1", features = ["sync"] }
-tokio-tungstenite = { version = "^0.24.0", features = ["native-tls"] }
+tokio-tungstenite = { version = "^0.28.0", features = ["native-tls"] }
 tracing = "^0.1.35"
-tracing-subscriber = { version = "0.3", features = [
+tracing-subscriber = { version = "0.3.20", features = [
     "env-filter",
     "std",
     "fmt",
 ] }
 tracing-log = { version = "0.2.0" }
-tungstenite = { version = "^0.24.0", default-features = false, features = [
+tungstenite = { version = "^0.28.0", default-features = false, features = [
     "handshake",
 ] }
-url = "2"
-uuid = "^1.1.2"
+url = "2.5.7"
+uuid = "^1.18.1"

cable-tunnel-server/backend/src/main.rs

@@ -1,6 +1,6 @@
 use std::{
-    borrow::Cow, collections::HashMap, convert::Infallible, error::Error as StdError,
-    net::SocketAddr, sync::Arc, time::Duration,
+    collections::HashMap, convert::Infallible, error::Error as StdError, net::SocketAddr,
+    sync::Arc, time::Duration,
 };
 
 use clap::{ArgAction, Parser, ValueHint};
@@ -26,6 +26,7 @@ use tokio_tungstenite::WebSocketStream;
 use tungstenite::{
     error::CapacityError,
     protocol::{frame::coding::CloseCode, CloseFrame, Message, Role, WebSocketConfig},
+    Utf8Bytes,
 };
 
 use cable_tunnel_server_common::*;
@@ -127,7 +128,7 @@ impl Tunnel {
 
 const PEER_DISCONNECTED_FRAME: CloseFrame = CloseFrame {
     code: CloseCode::Normal,
-    reason: Cow::Borrowed("remote peer cleanly disconnected"),
+    reason: Utf8Bytes::from_static("remote peer cleanly disconnected"),
 };
 
 #[derive(thiserror::Error, Debug)]
@@ -162,7 +163,7 @@ impl From<tungstenite::Error> for CableError {
 }
 
 impl CableError {
-    fn close_reason(&self) -> Option<CloseFrame<'_>> {
+    fn close_reason(&self) -> Option<CloseFrame> {
         use CableError::*;
         let code = match self {
             RemotePeerErrorFrame => CloseCode::Policy,
@@ -376,11 +377,11 @@ async fn handle_request(
 
     tokio::task::spawn(async move {
         let ss = state.clone();
-        let config = Some(WebSocketConfig {
-            max_message_size: Some(ss.max_length),
-            max_frame_size: Some(ss.max_length),
-            ..Default::default()
-        });
+        let config = Some(
+            WebSocketConfig::default()
+                .max_message_size(Some(ss.max_length))
+                .max_frame_size(Some(ss.max_length)),
+        );
 
         match hyper::upgrade::on(&mut req).await {
             Ok(upgraded) => {

compat_tester/webauthn-rs-demo-wasm/Cargo.toml

@@ -10,15 +10,17 @@ crate-type = ["cdylib", "rlib"]
 
 [dependencies]
 webauthn-rs-demo-shared = { path = "../webauthn-rs-demo-shared", default-features = false }
-webauthn-rs-proto = { path = "../../webauthn-rs-proto", default-features = false, features = ["wasm"] }
+webauthn-rs-proto = { path = "../../webauthn-rs-proto", default-features = false, features = [
+    "wasm",
+] }
 wasm-bindgen = { version = "0.2", features = ["serde-serialize"] }
 wasm-bindgen-futures = { version = "0.4" }
-yew-router = "0.16.0"
-yew = "0.19"
+yew-router = "0.18.0"
+yew = "0.21"
 js-sys = "0.3"
 serde = { version = "1.0", features = ["derive"] }
-serde-wasm-bindgen = "0.4"
-gloo = { version = "0.10", default-features = false, features = ["console"] }
+serde-wasm-bindgen = "0.6.5"
+gloo = { version = "0.11.0", default-features = false, features = ["console"] }
 url = "2"
 
 [dependencies.web-sys]

compat_tester/webauthn-rs-demo/src/main.rs

@@ -669,7 +669,7 @@ async fn main() -> tide::Result<()> {
 
     let mut app = tide::with_state(app_state);
 
-    let cookie_sig = StdRng::from_entropy().gen::<[u8; 32]>();
+    let cookie_sig = StdRng::from_os_rng().random::<[u8; 32]>();
     let memory_store = tide::sessions::MemoryStore::new();
 
     let sessions = tide::sessions::SessionMiddleware::new(memory_store.clone(), &cookie_sig)

fido-hid-rs/Cargo.toml

@@ -14,7 +14,7 @@ repository = { workspace = true }
 
 [dependencies]
 async-trait = "0.1.58"
-bitflags = "1.3.2"
+bitflags = "2.10.0"
 futures.workspace = true
 thiserror.workspace = true
 tokio.workspace = true
@@ -24,7 +24,7 @@ tracing.workspace = true
 [build-dependencies]
 # Actually only required when targeting Linux, but Cargo doesn't support
 # build-dependencies for a single target, and you might be cross-compiling.
-bindgen = "0.65.1"
+bindgen = "0.72.1"
 
 [dev-dependencies]
 tracing-subscriber = { workspace = true }
@@ -48,12 +48,12 @@ windows = { version = "0.41.0", features = [
 ] }
 
 [target.'cfg(target_os = "macos")'.dependencies]
-core-foundation = "0.9"
+core-foundation = "0.10.1"
 libc = "0.2"
-mach2 = "0.4"
+mach2 = "0.6"
 
 [target.'cfg(target_os = "linux")'.dependencies]
-nix = { version = "0.26.2", features = ["ioctl", "poll"] }
+nix = { version = "0.30.1", features = ["ioctl", "poll", "signal"] }
 num-derive = { workspace = true }
 num-traits = "0.2"
-udev = "0.7.0"
+udev = "0.9.3"

fido-hid-rs/build.rs

@@ -6,7 +6,7 @@ fn linux_headers() {
     println!("cargo:rerun-if-changed={LINUX_WRAPPER_H}");
     let bindings = bindgen::builder()
         .header(LINUX_WRAPPER_H)
-        .parse_callbacks(Box::new(bindgen::CargoCallbacks))
+        .parse_callbacks(Box::new(bindgen::CargoCallbacks::new()))
         .derive_debug(false)
         .derive_default(true)
         .allowlist_type("hidraw_report_descriptor")

fido-hid-rs/src/linux/mod.rs

@@ -8,7 +8,7 @@ use std::{
     fs::{File, OpenOptions},
     io::{Read, Write},
     mem::size_of,
-    os::fd::AsRawFd,
+    os::fd::{AsFd, AsRawFd},
     path::Path,
     time::Duration,
 };
@@ -89,12 +89,15 @@ impl USBDeviceManager for USBDeviceManagerImpl {
                 return;
             }
 
-            let pollfd = PollFd::new(monitor.as_raw_fd(), PollFlags::POLLIN | PollFlags::POLLPRI);
+            let mut pollfds = [PollFd::new(
+                monitor.as_fd(),
+                PollFlags::POLLIN | PollFlags::POLLPRI,
+            )];
 
             loop {
                 // trace!("ppoll'ing for event");
                 if let Err(e) = ppoll(
-                    &mut [pollfd],
+                    &mut pollfds,
                     Some(Duration::from_secs(1).into()),
                     Some(SigSet::all()),
                 ) {
@@ -171,6 +174,7 @@ impl USBDeviceManager for USBDeviceManagerImpl {
 }
 
 #[derive(Clone, Debug)]
+#[allow(dead_code)] // because vendor/product are not used yet
 pub struct USBDeviceInfoImpl {
     path: Box<Path>,
     vendor: u16,

tutorial/server/actix_web/src/session.rs

@@ -6,7 +6,7 @@ use actix_session::storage::{LoadError, SaveError, SessionKey, SessionStore, Upd
 use actix_web::cookie::time::Duration;
 use anyhow::anyhow;
 use chrono::Utc;
-use rand::distributions::{Alphanumeric, DistString};
+use rand::distr::{Alphanumeric, SampleString};
 
 /**
 Static map where session states are stored
@@ -48,7 +48,7 @@ impl SessionStore for MemorySession {
         let mut session_key;
 
         loop {
-            session_key = Alphanumeric.sample_string(&mut rand::thread_rng(), 512);
+            session_key = Alphanumeric.sample_string(&mut rand::rng(), 512);
 
             if !SESSION_STATES
                 .lock()

tutorial/server/tide/src/main.rs

@@ -387,7 +387,7 @@ async fn main() -> tide::Result<()> {
     // Allow cookies so that we can bind some data to sessions.
     // In production, you should NOT use the memory store, since
     // it does not have cleanup.
-    let cookie_sig = StdRng::from_entropy().gen::<[u8; 32]>();
+    let cookie_sig = StdRng::from_os_rng().random::<[u8; 32]>();
     let memory_store = tide::sessions::MemoryStore::new();
 
     let sessions = tide::sessions::SessionMiddleware::new(memory_store.clone(), &cookie_sig)

webauthn-authenticator-rs/Cargo.toml

@@ -135,8 +135,8 @@ bluetooth-hci = { git = "https://github.com/micolous/bluetooth-hci.git", rev = "
 
 # image version needs to match bardecoder's version:
 # https://github.com/piderman314/bardecoder/blame/master/Cargo.toml
-bardecoder = "=0.4.0"
-image = ">= 0.23.14, < 0.24"
+bardecoder = "=0.5.0"
+image = "0.24.9"
 
 [[example]]
 name = "authenticate"

webauthn-authenticator-rs/src/cable/tunnel.rs

@@ -182,7 +182,9 @@ impl Tunnel {
             CableNoise::build_initiator(Some(local_identity), psk, None)?;
         trace!("Sending initial handshake...");
         trace!(">!> {}", hex::encode(&handshake_message));
-        stream.send(Message::Binary(handshake_message)).await?;
+        stream
+            .send(Message::Binary(handshake_message.into()))
+            .await?;
 
         // Handshake sent, get response
         ui.cable_status_update(CableState::WaitingForAuthenticatorResponse);
@@ -292,7 +294,7 @@ impl Tunnel {
             CableNoise::build_responder(None, psk, Some(peer_identity), &resp)?;
         trace!("Sending response to initiator challenge");
         trace!(">!> {}", hex::encode(&response));
-        stream.send(Message::Binary(response)).await?;
+        stream.send(Message::Binary(response.into())).await?;
 
         // Send post-handshake message
         let phm = CablePostHandshake {
@@ -336,7 +338,7 @@ impl Tunnel {
         trace!(">>> {}", hex::encode(cmd));
         let encrypted = self.crypter.encrypt(cmd)?;
         trace!(">!> {}", hex::encode(&encrypted));
-        self.stream.send(Message::Binary(encrypted)).await?;
+        self.stream.send(Message::Binary(encrypted.into())).await?;
         Ok(())
     }
 

webauthn-rs-core/src/core.rs

@@ -226,8 +226,8 @@ impl WebauthnCore {
     }
 
     fn generate_challenge(&self) -> Challenge {
-        let mut rng = rand::thread_rng();
-        Challenge::new(rng.gen::<[u8; CHALLENGE_SIZE_BYTES]>().to_vec())
+        let mut rng = rand::rng();
+        Challenge::new(rng.random::<[u8; CHALLENGE_SIZE_BYTES]>().to_vec())
     }
 
     /// Generate a new challenge builder for client registration. This is the first step in